Guidance

FCDO as a data controller: privacy notice

Updated 14 July 2021

Last updated: 14 July 2021

1. Who we are

Foreign, Commonwealth & Development Office 
King Charles Street
London
SW1A 2AH

2. What data we process and why

The Foreign, Commonwealth & Development Office (FCDO) pursues our national interests and projects the UK as a force for good in the world.  We promote the interests of British citizens and provide consular services overseas, safeguard the UK’s security, defend our values and tackle global challenges with our international partners.

In doing so we process personal data for the purposes of performing our duties as a ministerial department. Personal data is information that relates to an identified or identifiable individual. Examples include, but are not limited to: contact details such as name, address, date of birth, telephone number and email address. In addition we may also process certain special category data about you as listed below:

• information about race or ethnicity, religious beliefs, sexual orientation and political opinions
• trade union membership
• information about your health, including any medical condition, health and sickness records
• genetic information and biometric data

We will ensure that we treat all personal information in accordance with data protection legislation, including the UK General Data Protection Regulation (UK GDPR) and Data Protection Act 2018 (DPA 2018). Data protection law states that the personal information that we hold about you must be:

• processed lawfully, fairly and in a transparent manner

• collected for specific purposes which we have explained to you, and will not be used in any other way which is incompatible with those purposes

• relevant to the purposes we have explained to you and limited to those purposes only

• accurate and kept up to date

• held only for as long as is necessary for the purposes that we have explained to you

• processed or held in a way that ensures security

3. Legal basis for the processing

We process this data because it is necessary to do so in order for the FCDO to perform its official functions as a ministerial department. We may also process your data under the following legal bases:

• (a) Consent: you have given us clear consent to process your personal data for a specific purpose
• (b) Contract: the processing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract with you
• (c) Legal obligation: the processing is necessary for us to comply with the law (not including contractual obligations)
• (d) Vital interests: the processing is necessary to protect someone’s life
• (e) Legitimate interests: the processing is necessary for our legitimate interests or the legitimate interests of a third party unless your rights as the data subject override those legitimate interests

4. What we do with it

In addition to processing this data because it is necessary to do so for the FCDO to perform its official functions as a ministerial department, there may be other circumstances in which we may lawfully share your data with third parties where, for example, we are required to do so by law, by court order, or to prevent fraud or other crimes. Where we share data, however, we shall do so in accordance with applicable data protection laws.

5. How long we keep your data

We will retain your personal data for only as long as it is necessary or for as long as we are legally required to do so and in line with our retention schedule.

6. Your rights

In certain circumstances you have the right to:

• object – request that your data is not processed for certain purposes
• erasure - request that your personal data is erased where one of the statutory grounds applies
• data portability – the right to obtain and reuse your personal data for your own purposes across different services in certain circumstances
• restrict processing - request that the processing of your personal data is restricted in certain circumstances – for example, where accuracy is contested
• rectification - request that any inaccuracies in your personal data are rectified without delay. Request that any incomplete personal data is completed, including by means of a supplementary statement
• access - request information about how your personal data is processed and to request a copy of that personal data

If your personal data is processed on the basis of consent, you have the right to:

• withdraw consent to the processing of your personal data at any time

7. How to contact us

If you have any questions about anything in this notice, or if you consider that your personal data has been misused or mishandled contact us at data.protection@fcdo.gov.uk.

You can also contact the Data Protection Officer at the Foreign, Commonwealth & Development Office:

Data Protection Officer
Information Management Department
Information and Digital Directorate
Room K4.04
Foreign, Commonwealth & Development Office
King Charles Street
London
SW1A 2AH

Email: Data.Protection@fcdo.gov.uk

Telephone: 020 7008 5000

7.1 Complaints

You may also make a complaint to the Information Commissioner, who is an independent regulator. The Information Commissioner can be contacted at:

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF

Email: casework@ico.org.uk

Telephone: 0303 123 1113

8. Changes to this notice

We may modify or amend this privacy notice at our discretion at any time. When we make changes to this notice, we will amend the last modified date at the top of this page. Any modification or amendment to this privacy notice will be applied to you and your data as of that revision date. We will publish changes to our privacy notice on our gov.uk website.

See also our Personal Information Charter